Hi,
I am watching the data of yesterday (complete day).
No I have the task to show the max event count per hour for the timespan set.
How do I do it? How can I return the max value of multiple buckets?
My current workaround is the following:
table visualization
Is there any better way than that? So that I can get the number directly without having the overhead of the paging UI?
Thanks, Andreas
Hi @asp,
When you say count, are you referring to the total number of documents in the index for the given timestamp? Are you referring to a custom field for your dataset?
I ask because it seems you can simply remove the show only one line and see the information you want (unless I'm misunderstanding).
I set "yesterday" in time picker.
by setting date histogram to 1 hour, I will get following as example:
Time Count
...
...
So I only want to have the count of 220 from 11:00 be given back.
Hi @asp,
Try:
Metrics, select Sibling Pipeline Aggregations -> Max Bucket
Date Histogram aggregation as you're doingCount
Lemme know if that works!
Hi,
not working in 5.1.2 which is currently in our production, but working like charm in 5.5.x.
Since I am currently working on an update to 6.latest I expect it to work there afterwards.
Thanks a lot.
Great, glad you got something working!
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
